CVE-2011-2699

moderate-risk
Published 2012-05-24

The IPv6 implementation in the Linux kernel before 3.1 does not generate Fragment Identification values separately for each destination, which makes it easier for remote attackers to cause a denial of service (disrupted networking) by predicting these values and sending crafted packets.

Do I need to act?

~
1.4% chance of exploitation in next 30 days
EPSS score — moderate exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.5/10 High
NETWORK / LOW complexity

Affected Products (3)

Affected Vendors

Redhat Linux

References (14)

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=...
Mailing List http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1
Broken Link http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
Mailing List http://www.openwall.com/lists/oss-security/2011/07/20/5
Third Party Advisory http://www.securitytracker.com/id?1027274
Issue Tracking https://bugzilla.redhat.com/show_bug.cgi?id=723429
Patch https://github.com/torvalds/linux/commit/87c48fa3b4630905f98268dde838ee43626a060...
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=...
Mailing List http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1
Broken Link http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
Mailing List http://www.openwall.com/lists/oss-security/2011/07/20/5
Third Party Advisory http://www.securitytracker.com/id?1027274
Issue Tracking https://bugzilla.redhat.com/show_bug.cgi?id=723429
Patch https://github.com/torvalds/linux/commit/87c48fa3b4630905f98268dde838ee43626a060...
39
/ 100
moderate-risk
Severity 26/34 · High
Exploitability 4/34 · Minimal
Exposure 9/34 · Low